ae0804bfed551eaffe29f9f44ff10333_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ae0804bfed551eaffe29f9f44ff10333_JaffaCakes118
Size

3.3MB
MD5

ae0804bfed551eaffe29f9f44ff10333
SHA1

10016d29efbcc6671751e9f9d51b0fccc4d4f7c0
SHA256

6bb6bbf1a621f76492114c4c50ccdb4abea6df55eba713603507362159d283a2
SHA512

0230a1dab1b9b802830913893d8a57384b800480b22c15743e5a208442c6ddf410e0a77df8d1bb871d401dc3d48cc87824895de52d5dcb7c19110126fc49155f
SSDEEP

24576:UAYGe1GEKSPzxlsEmbVuk2bCR7qvVFXYVrou7U4wVO9OnSWKUt:UAYGe1VKezcERCR7q96VUeFkFj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae0804bfed551eaffe29f9f44ff10333_JaffaCakes118

Files

ae0804bfed551eaffe29f9f44ff10333_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6ee5d687ea44b6bb7dee0b4a24e317a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
ExitProcess
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentThread
GetFileType
GetSystemTime
lstrcmpiW
CreateMutexW
GetModuleHandleW
OutputDebugStringW
FindResourceExW
CreateFileW
FindNextFileW
CopyFileExW
CreateNamedPipeW
BuildCommDCBW
GetCPInfo
MultiByteToWideChar
GetLocaleInfoW
GetThreadLocale
GetUserDefaultLCID
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
RtlUnwind
LoadLibraryExW
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetOEMCP
GetACP
IsValidCodePage
IsDebuggerPresent
IsProcessorFeaturePresent
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetStartupInfoW
DeleteCriticalSection
GetStdHandle
GetProcessHeap
WideCharToMultiByte
GetProcAddress
CloseHandle
GetModuleHandleExW
DecodePointer
GetCurrentThreadId
SetLastError
GetLastError
EncodePointer
RaiseException
GetCommandLineW

shlwapi

StrStrW
StrStrIW
PathAddBackslashW
StrRChrW
PathCanonicalizeW
PathCombineW
PathFileExistsW
PathFindNextComponentW
PathGetDriveNumberW
PathIsDirectoryW
PathIsRelativeW
PathBuildRootW
PathIsUNCW
PathRemoveBackslashW
SHCreateStreamOnFileEx
StrDupW

user32

GetDlgCtrlID
SendDlgItemMessageW
GetDialogBaseUnits
CreateDialogParamW
ShowWindowAsync
CreateWindowExW
GetClassInfoW
CallWindowProcW
SendMessageTimeoutW
TranslateMessage
CharPrevW
EnableWindow
GetMenuState
ModifyMenuW
DrawIcon
GetScrollPos
SetScrollRange
DestroyCaret
ClientToScreen
InvertRect
GetTopWindow
SetWindowsHookExW
DestroyCursor
DrawIconEx
DdeDisconnectList
CheckDlgButton
SetMenuDefaultItem

shell32

Shell_NotifyIconW
ExtractIconExW
ShellAboutW
CommandLineToArgvW
ShellExecuteW

oleaut32

VarBstrFromDate
VarNeg
RegisterTypeLi
SetErrorInfo
VarCyFromStr
VarDateFromStr
VariantCopyInd
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayRedim
SafeArrayCreate
SysFreeString
SysReAllocStringLen
SysAllocStringLen
SysStringLen

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 778KB - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aati5e
Size: 491KB - Virtual size: 490KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.e2ra3
Size: 629KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.o6le19
Size: 456KB - Virtual size: 455KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.960wo
Size: 559KB - Virtual size: 558KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ee5d687ea44b6bb7dee0b4a24e317a4

Headers

File Characteristics

Imports

kernel32

shlwapi

user32

shell32

oleaut32

Sections

.text Size: 136KB - Virtual size: 135KB

.data Size: 778KB - Virtual size: 7.6MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.aati5e Size: 491KB - Virtual size: 490KB

.e2ra3 Size: 629KB - Virtual size: 628KB

.o6le19 Size: 456KB - Virtual size: 455KB

.960wo Size: 559KB - Virtual size: 558KB

.rsrc Size: 363KB - Virtual size: 362KB

.text
Size: 136KB - Virtual size: 135KB

.data
Size: 778KB - Virtual size: 7.6MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.aati5e
Size: 491KB - Virtual size: 490KB

.e2ra3
Size: 629KB - Virtual size: 628KB

.o6le19
Size: 456KB - Virtual size: 455KB

.960wo
Size: 559KB - Virtual size: 558KB

.rsrc
Size: 363KB - Virtual size: 362KB